News of the Heartbleed vulnerability is spreading around the world, accelerated by today’s announcement by Revenue Canada that it is investigating whether its systems might be compromised.
You can check your organization’s vulnerability, or that of any Web site, by going to the Qualys SSL Labs test site and entering a domain name or URL to test.
Personal computers aren’t at risk unless they are acting as a server.
“The government is doing the right thing,” by shutting down its site, says James Arlen, Hamilton, Ont.-based senior security advisor at Leviathan Security Group. “The bug permits the remote read of the contents of the server’s memory. Until it’s patched (and certificates reissued with new keys) there is a real risk of leaking the entire memory contents of the affected server.”
“Almost everybody who’s got SSL (secure socket layer) needs to apply the patch and generate a new private key,” he said. His firm has fielded many calls since Monday from concerned customers who needed the patch, he said. By now most have already applied the fix; the others need final testing.
According to a blog post by Ivan Ristic of Qualys Inc., which published the SSL Labs test, Heartbleed is the result of a coding error in the OpenSSL 1.0.1 code released in March 2012 that allows an attacker to trick an affected server into disclosing a large part of what’s in its memory. The flaw is in OpenSSL’s implementation of the TLS (transport layer security) ‘heartbeat’ mechanism, hence the name of the bug, which keeps connections alive without continuous data transfer.
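To make the coding error concrete, here is an added example, not code from the article or from OpenSSL, that simulates the heartbeat reply logic on an in-memory buffer: the same function with and without the bounds check that the fix introduced. The record layout, the buffer contents and the session token are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define HB_REQUEST  1
#define HB_RESPONSE 2
#define HB_PADDING  16   /* heartbeat records carry at least 16 bytes of padding */
/* Build a heartbeat response from a received record laid out as
 * [type][2-byte big-endian payload length][payload][padding].
 * record_len is the number of bytes actually received. Returns bytes written, or -1. */
static int heartbeat_reply(const uint8_t *rec, size_t record_len,
                           uint8_t *out, size_t out_cap, int check_bounds) {
    if (record_len < 3 || rec[0] != HB_REQUEST) return -1;
    size_t payload = ((size_t)rec[1] << 8) | rec[2];   /* peer-controlled value */
    size_t needed = 3 + payload + HB_PADDING;
    /* The 2014 fix: the declared payload length must fit inside the bytes
     * actually received. Without it the memcpy below reads past the record
     * into whatever else the process holds in memory. */
    if (check_bounds && needed > record_len) return -1;
    if (needed > out_cap) return -1;
    out[0] = HB_RESPONSE;
    out[1] = (uint8_t)(payload >> 8);
    out[2] = (uint8_t)payload;
    memcpy(out + 3, rec + 3, payload);
    memset(out + 3 + payload, 0, HB_PADDING);
    return (int)needed;
}
/* Plain substring search over a byte buffer. */
static int contains(const uint8_t *buf, size_t n, const char *s) {
    size_t m = strlen(s);
    for (size_t i = 0; i + m <= n; i++)
        if (memcmp(buf + i, s, m) == 0) return 1;
    return 0;
}
/* Constructed demo: one buffer stands in for server memory. The received
 * record claims a 64-byte payload but carries only "ping" (4 bytes); an
 * unrelated session token sits just after it. Returns 1 if the token
 * ends up in the reply, 0 if the request is rejected or nothing leaks. */
int demo_leak(int check_bounds) {
    uint8_t mem[128] = {0}, out[128];
    const uint8_t req[] = { HB_REQUEST, 0x00, 0x40, 'p', 'i', 'n', 'g' };
    const char *token = "SESSION=constructed-secret";            /* constructed value */
    size_t record_len = sizeof req + HB_PADDING;                 /* 23 bytes received */
    memcpy(mem, req, sizeof req);
    memcpy(mem + record_len, token, strlen(token));              /* neighbouring data */
    int n = heartbeat_reply(mem, record_len, out, sizeof out, check_bounds);
    return n > 0 && contains(out, (size_t)n, token);
}
```

With `check_bounds` set to 0 the reply carries the token that was never part of the request; with it set to 1 the oversized request is simply rejected, which is the behaviour the patch restores.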